From 60de04c533b625ac00110c8377dde376d0d06c0b Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Sun, 6 May 2001 22:00:01 +0000
Subject: [PATCH] -llber hardening
---
servers/slapd/config.c | 39 +++++++++++++++++++++++++++++++++++
servers/slapd/connection.c | 42 ++++++++++++++++++++++++--------------
servers/slapd/controls.c | 2 +-
servers/slapd/daemon.c | 2 +-
servers/slapd/entry.c | 17 +++++++++------
servers/slapd/proto-slap.h | 2 ++
servers/slapd/slap.h | 1 +
7 files changed, 82 insertions(+), 23 deletions(-)
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 48e995eb67..df982460e8 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -40,6 +40,8 @@ char *default_passwd_hash;
char *default_search_base = NULL;
char *default_search_nbase = NULL;
+ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT;
+
char *slapd_pid_file = NULL;
char *slapd_args_file = NULL;
@@ -168,6 +170,43 @@ read_config( const char *fname )
ldap_pvt_thread_set_concurrency( c );
+ /* set sockbuf max */
+ } else if ( strcasecmp( cargv[0], "sockbuf_max_incoming" ) == 0 ) {
+ long max;
+ if ( cargc < 2 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ "%s: line %d: missing max in \"sockbuf_max_incoming <bytes\" line\n",
+ fname, lineno ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: missing max in \"sockbuf_max_incoming <bytes\" line\n",
+ fname, lineno, 0 );
+#endif
+
+ return( 1 );
+ }
+
+ max = atol( cargv[1] );
+
+ if( max < 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ "%s: line %d: invalid max value (%ld) in "
+ "\"sockbuf_max_incoming <bytes>\" line.\n",
+ fname, lineno, max ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: invalid max value (%ld) in "
+ "\"sockbuf_max_incoming <bytes>\" line.\n",
+ fname, lineno, max );
+#endif
+
+ return( 1 );
+ }
+
+ sockbuf_max_incoming = max;
+
/* default search base */
} else if ( strcasecmp( cargv[0], "defaultSearchBase" ) == 0 ) {
if ( cargc < 2 ) {
diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index de77e7051d..b282cf6970 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -362,33 +362,39 @@ long connection_init(
assert( c != NULL );
- if( c->c_struct_state == SLAP_C_UNINITIALIZED ) {
+ if( c->c_struct_state == SLAP_C_UNINITIALIZED ) {
c->c_authmech = NULL;
- c->c_dn = NULL;
- c->c_cdn = NULL;
+ c->c_dn = NULL;
+ c->c_cdn = NULL;
c->c_listener_url = NULL;
c->c_peer_domain = NULL;
- c->c_peer_name = NULL;
- c->c_sock_name = NULL;
+ c->c_peer_name = NULL;
+ c->c_sock_name = NULL;
- c->c_ops = NULL;
- c->c_pending_ops = NULL;
+ c->c_ops = NULL;
+ c->c_pending_ops = NULL;
c->c_sasl_bind_mech = NULL;
c->c_sasl_context = NULL;
c->c_sasl_extra = NULL;
- c->c_sb = ber_sockbuf_alloc( );
+ c->c_sb = ber_sockbuf_alloc( );
+
+ {
+ ber_len_t max = sockbuf_max_incoming;
+ ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+ }
+
c->c_currentber = NULL;
- /* should check status of thread calls */
- ldap_pvt_thread_mutex_init( &c->c_mutex );
- ldap_pvt_thread_mutex_init( &c->c_write_mutex );
- ldap_pvt_thread_cond_init( &c->c_write_cv );
+ /* should check status of thread calls */
+ ldap_pvt_thread_mutex_init( &c->c_mutex );
+ ldap_pvt_thread_mutex_init( &c->c_write_mutex );
+ ldap_pvt_thread_cond_init( &c->c_write_cv );
- c->c_struct_state = SLAP_C_UNUSED;
- }
+ c->c_struct_state = SLAP_C_UNUSED;
+ }
ldap_pvt_thread_mutex_lock( &c->c_mutex );
@@ -576,9 +582,15 @@ connection_destroy( Connection *c )
c->c_connid, sd, 0, 0, 0 );
}
- ber_sockbuf_free( c->c_sb );
+ ber_sockbuf_free( c->c_sb );
+
c->c_sb = ber_sockbuf_alloc( );
+ {
+ ber_len_t max = sockbuf_max_incoming;
+ ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+ }
+
c->c_conn_state = SLAP_C_INVALID;
c->c_struct_state = SLAP_C_UNUSED;
}
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index e99eeed1e5..426692645c 100644
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -181,7 +181,7 @@ return_results:
if( sendres && rc != LDAP_SUCCESS ) {
if( rc == SLAPD_DISCONNECT ) {
- send_ldap_disconnect( conn, op, rc, errmsg );
+ send_ldap_disconnect( conn, op, LDAP_PROTOCOL_ERROR, errmsg );
} else {
send_ldap_result( conn, op, rc,
NULL, errmsg, NULL, NULL );
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 04bb8f8aee..f357a8c9e5 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -543,7 +543,7 @@ static Listener * slap_open_listener(
case AF_INET: {
char *s;
-#ifdef HAVE_GETADDRINFO
+#if defined( HAVE_GETADDRINFO ) && defined( INET_NTOP )
char addr[INET_ADDRSTRLEN];
inet_ntop( AF_INET, &((struct sockaddr_in *)*sal)->sin_addr,
addr, sizeof(addr) );
diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c
index b52e518a80..ed81984c8b 100644
--- a/servers/slapd/entry.c
+++ b/servers/slapd/entry.c
@@ -264,8 +264,14 @@ entry2str(
void
entry_free( Entry *e )
{
- Attribute *a, *next;
+ /* free an entry structure */
+ assert( e != NULL );
+ /* e_private must be freed by the caller */
+ assert( e->e_private == NULL );
+ e->e_private = NULL;
+
+ /* free DNs */
if ( e->e_dn != NULL ) {
free( e->e_dn );
e->e_dn = NULL;
@@ -274,12 +280,11 @@ entry_free( Entry *e )
free( e->e_ndn );
e->e_ndn = NULL;
}
- for ( a = e->e_attrs; a != NULL; a = next ) {
- next = a->a_next;
- attr_free( a );
- }
+
+ /* free attributes */
+ attrs_free( e->e_attrs );
e->e_attrs = NULL;
- e->e_private = NULL;
+
free( e );
}
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index ecdaaf2dfe..f8f6d43b9a 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -760,6 +760,8 @@ LDAP_SLAPD_F (int) krbv4_ldap_auth();
/*
* Other...
*/
+#define SLAP_SB_MAX_INCOMING_DEFAULT (1<<18 - 1)
+LDAP_SLAPD_F (ber_len_t) sockbuf_max_incoming;
LDAP_SLAPD_F (slap_mask_t) global_restrictops;
LDAP_SLAPD_F (slap_mask_t) global_allows;
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index bed78c771e..89acc1fbdb 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -58,6 +58,7 @@ LDAP_BEGIN_DECL
#define MAXREMATCHES 10
+#define SLAP_MAX_INCOMING (1<<18 - 1)
#define SLAP_MAX_WORKER_THREADS 32
--
GitLab